Sign in to Support Center

My Inventory

Exchange, LoadMaster and OS X Connectivity issues

Occasionally an issue occurs relating to Exchange 2010 and OS X mail. This issue is described below:

When the LoadMaster operates at full Layer 7, requests sent to Client Access Servers (CAS) can have two additional headers inserted automatically. These are the X-Forwarded-For and Via headers which inform the server of the IP address of the client and the IP address of the service respectively. The via header is used by proxies to indicate to servers that there may be a hop in between. The presence of this header causes the CAS to set the 'Persistent-Auth' header to 'false'. Ordinarily this would be fine - it would simply require each request to be sent with credentials rather than once per connection. Occasionally this is a problem because the Mac Mail application does not always re-send the credentials.

To resolve this issue, you can create a rule in the LoadMaster to delete this header:

In the main menu of the LoadMaster Web User Interface (WUI), select Rules & Checking and Content Rules.

Click Create New.

Enter a recognizable Rule Name, for example Remove_Via.

Select Delete Header as the Rule Type.

Enter Via as the Header Field to be Deleted.

Click Create Rule.

In the main menu, select Virtual Services and View/Modify Virtual Services.

Click Modify on the relevant Virtual Service.

Expand the Advance Properties section.

Click Show Header Rules.

Add the relevant rule as a request rules on the main virtual service.

After the rule has been created and assigned to the Virtual Service, the via header will be deleted going forward.

12.Test connectivity once again. If client fails to connect, see step 13.

13. SSL Ciphers

It's possible you will have to make changes to your SSL Cipher Suites. This is necessary depending on your version of OS X.

Thank you Norbert and Ben, I have to get back to this . I have been side tracked with other projects but am really curious if this fixes it. as I have upgraded to Mavericks and now it no longer works...was able to find a work around using certain authentication, digest based on exch 2013 but prefer not to use that